Re: Problems in OpenLDAP 2.4.11

John Du writes:
> 1.  We have an attribute c in the ou=People sub-tree.  The value can be 
> either US or CA.  Now if we search "c=US" or "c=CA", we do not get any 
> matches.  But if we do "c=U*", it finds all the c=US entries. Same thing 
> happens to c=C*.

My guess: You added 'index c' to slapd.conf, but did not index your
existing data.  Stop slapd, run sbin/slapindex, restart slapd.
Substring match of just one letter worked anyway because it does not use
the index.

> 2.  LAM  2.5.0 (LDAP Account Manager) cannot browse the schema on the 
> new server.  It says "Unable to retrieve schema".  LAM worked fine with 
> OpenLDAP 2.2.13.

No idea.  I'd check the slapd log from loglevel 256 or 768.  That's the
default syslog level, or you could run slapd -d256 or -d768 ... to log
to stderr.  Note what requests LAM sends, and check the corresponding
error code/description (err=... text=...) against RFC 4511, Appendix A.